[Snort-openappid] DetectorValidator not called on SSH

Costas Kleopa (ckleopa) ckleopa at ...5...
Tue Jun 9 14:12:19 EDT 2015

SSH connections are part of the C Detectors of the OpenAppID product, and those do not require the use of Lua/DetectorValidator.


> On Jun 8, 2015, at 1:27 PM, Peter Hansen <pch66 at ...89...> wrote:
> Hello,
> I am attempting to log IP addresses and ports for connections on an app by app basis, and I am having some trouble doing this using the DetectorValidator. I note that the documentation does not call the function for HTTP, SSL, and SIP connections, but as far as I can tell it is also not being called for SSH connections. Does anyone have guidance on this? 
> Thank you,
> Peter Hansen
> ------------------------------------------------------------------------------
> _______________________________________________
> Snort-openappid mailing list
> Snort-openappid at lists.sourceforge.net
> https://lists.sourceforge.net/lists/listinfo/snort-openappid
> Please visit http://blog.snort.org to stay current on all the latest Snort news!

More information about the Snort-openappid mailing list